Certification Archives - My Tech Gnome

CCDE Journey (Take 2)

Posted on February 13, 2023 by mytechgnome

Back in 2020 I was planning to take the CCDE exam, but those plans were derailed by a little thing called a global pandemic. With test centers closed for an unknown period, I decided to wait until things calmed down before I started to really dig into it. Then, in 2021 it was announced that the CCDE was moving to version 3.0. I didn’t want to get end up in a race against the sunset of the v2 exam, which meant waiting until the release of v3. Add in some travel, a new job, and a handful of other events that distracted from my CCDE plan, and here I am, ready to give this another go.

I’m planning to continually add content as I’m learning new things, both as a way to help me remember what I’m covering, and hopefully in a way that might help others that are either working towards the CCDE or just looking to pick up bits of information along the way.

Study Materials

I have a handful of material that I’ll be using for the CCDE prep.

Primary resources:

CCDE Study Guide: https://www.ciscopress.com/store/ccde-study-guide-9781587144615
CCDE v3 Practice Labs: https://www.ciscopress.com/store/ccde-v3-practice-labs-preparing-for-the-cisco-certified-9780137499854
In-Depth CCDE https://orhanergun.net/ebook/ccde-in-depth-book
CCDE v3 Training: https://orhanergun.net/courses/self-paced-ccde-course

Additional resources:

CCDE v3 Learning Matrix: https://learningnetwork.cisco.com/s/ccde-design-expert?tabset-6020b=601f6
- There are tabs with reading suggestions for each topic area.
- This is the list of books, articles, blogs, and whitepapers in the matrix:
- Cisco Design Guide: Network Security Baseline

The CCDE covers a massive range of topics. It will be a fun process working my way through all of it!

CCNP Data Center – DCIT 300-615 Exam Experience

Posted on February 15, 2022February 9, 2023 by Dan Kelcher

To finish off my CCNP: Data Center certification I successfully passed the DCIT exam. While preparing for the exam I found there is very little preparation material outside of the official Cisco course.

I recently posted about my experience with the DCCOR exam, and in that covered my background and some of the general information on this set of exams. You can read more about it here: https://www.mytechgnome.com/2022/02/ccnp-data-center-dccor-350-601-exam.html

About the Exam

The exam topics can be found here: https://learningnetwork.cisco.com/s/dcit-exam-topics

I went over the specific technologies in the DCCOR exam review, but I’ll quickly touch on them here as well. The exam is specifically focused on troubleshooting the various technologies in each of these areas

Network (25%)

This section covers L2/L3 technologies including vPC, LACP, STP, OSPF, BGP, PIM, and FHRP (mainly HSRP). Overlay protocols are also included, primarily VXLAN, but OTV is in there as well. Of course ACI is also covered here.

Compute (25%)

Under the Compute category it’s exactly what you’d expect to see. Lots of UCS, and though it doesn’t specifically call out HyperFlex or Intersight I think it’s fair to assume that those would be in scope. Remember, Cisco states in the exam objectives that “The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam.”

Storage (15%)

Again, nothing unexpected here. There’s fibre channel and FCoE, and you need to be able to troubleshoot issues that can come up with those protocols. One specific call out here though is storage is 15% of the exam, but only has one major subtopic. That leads me to a presumption that there will be a significant number of FC questions compared to something like vPC.

Automation (15%)

Like the Storage section, there’s only two subtopics for 15% of the exam. It seems sensible to be very familiar with EEM, scheduling, and automation tools.

Management and Operations (20%)

In the final section the topics include the firmware management and security topics that were covered in DCCOR under different parent topics. This topic feels a little more like a grab bag, being worth 20% and having the most subtopics.

Exam Prep

The biggest resource used for this was the preparation work I did for the DCCOR exam. Both exams cover the same technology areas, but the DCIT is strictly on troubleshooting, instead of understanding how to use each piece.

As mentioned earlier, the only resource I could find on the exam was the Cisco training course. Well, that’s not entirely true. Google was more that willing to provide links to brain dump sites, and I found a set of practice tests on Udemy. Unfortunately the tests on Udemy appear to be from the previous DCIT v6 300-180 exam, with questions on topics that are no longer in the exam objectives. I suspect the author just took the same exam they wrote for the 300-180 and renamed it for 300-615.

I ended up purchasing the e-learning bundle from Cisco Learning Network: https://learningnetworkstore.cisco.com/on-demand-e-learning/troubleshooting-cisco-data-center-infrastructure-dcit-v7.0/ELT-DCIT-V7-023907.html mainly for the labs offered. There are 30 guided labs included, with access to ACI, UCS, MDS, and Nexus hardware. I found this much more useful than working with the limitations from the UCS Emulator, ACI Simulator, CML, dCloud, and DevNet. Plus it was less expensive than looking at rack rentals, and it was cheaper and easier than searching eBay for all the hardware to build my own lab.

The video training in the course was pretty good. Much of it was review from the DCCOR material, but that’s not a bad thing. It helps to reinforce that learning and to use that understanding to help in the troubleshooting process.

The labs were decent. I appreciated that they were broken out with your objective, and had a button to see the steps to work through getting the correct solution. Often I found I took a different path to get to the answer, but I was usually able to figure it out on my own. I would have liked to have seen more potential scenarios though. Usually each topic area only had a few misconfigurations. With some topics there wasn’t a lab at all. There were no labs for anything under the Automation or Management and Operations topics.

Within the lab you have full access to the hardware, which allows you to create your own scenarios to some extent. One example would be EEM, a topic clearly listed in the exam topics, but there’s not a lab for it. Since there’s not a scenario for it I tried to create my own. It’s very difficult to build a troubleshooting problem for yourself because you likely know where the issue is when you set it up. What I did instead was to create a scenario that I knew would not work, but then I would look at different show commands to see how it worked. Sticking with the EEM example, here some of the questions I worked off of:

What happens if you create multiple events, but make a mistake in the tagging?
What happens if you don’t add event-default when you need it, or do add it when you don’t?
What happens if the event is based on CLI entries, but a user doesn’t type the full command, or uses an alias?

The idea was to work in reverse. I know the problem, but I am learning how that problem presents. This can be fun coming up with all the different scenarios of how something could break, and then seeing how that shows up.

The same process can be used for other areas too. Here’s a few questions to work with on the storage side:

What’s the output of show flogi database or show fcns database if

a zoneset isn’t active?
a zone isn’t part of the active zoneset?
a port is assigned to the wrong VSAN?
a port mode is incorrect?
a WWN is incorrect in a zone config?
the FCoE VSAN to VLAN mapping is incorrect?

Using the above examples, are there other show commands that would be useful?

The more you know about how problems present themselves the easier the exam will be. Of course, these are only a few examples what you could encounter on the exam. The more you build out the better off you’ll be.

Exam Experience

Unfortunately Cisco has removed the simulation questions from the exams. The TSHOOT exam was one of my favorite tests because it was heavy in the simulation side. The sims had their share of issues, but I prefer them over the rote memorization of command syntax. That said, the DCIT exam is the typical multiple choice type exam. There might be some multi-select or drag-and-drop for some added flair, but no more sims.

Overall I thought the exam wasn’t bad. Most of the questions were clear, but there were some that had me scratching my head. I had a few questions that waded into the rote memorization world, and some that seemed very unlikely scenarios. There were a few questions that were fairly complex, and took some work to find the right answer.

Since the exam is focused on troubleshooting I found it to be easier to work with than the DCCOR exam. The DCCOR topic list is longer, and it includes verbs like Describe, Apply, Analyze, Implement, Evaluate, and Explain. The DCIT had one verb, Troubleshoot.

Final Thoughts

I wish the exam had sim questions, but even without, I prefer the scenario-based questions. I’d like to see less rote memorization and edge case questions, and more focus on things that are more realistic to face in the real world. Given that though, I think the exam was fair. If you have a good understanding of how these technologies work, and what happens when they are misconfigured then this exam shouldn’t be too bad.

CCNP Data Center – DCCOR 350-601 Exam Experience

Posted on February 2, 2022February 9, 2023 by Dan Kelcher

I recently passed the DCCOR exam, and since it’s a difficult test I thought I’d share my experience with it.

My Background

Before getting into my preparation and exam experience I’m going to provide some background about the knowledge I had coming into this. Everyone has different skills and experiences, and that’s going to have an impact on how they prepare. The exam is broken down to five topic domains, so I’ll use that format.

Network

I’ve worked in the IT for about 20 years, and I already have my CCNP:EN (converted from the old CCNP:RS). The L2 and L3 topics were mostly review, but the overlay technologies were new for me. I also came in with very little practical ACI knowledge. I’ve worked in environments where ACI was deployed, but I wasn’t responsible for maintaining it.

Compute

This is an area I felt fairly comfortable with initially. I’ve worked with UCS off and on for over seven years. I’ve deployed and managed blades and rack servers, as well as multiple HyperFlex environments. I’ve also worked a bit with Intersight.

Storage

For a relatively brief period in my career I did a lot of SAN deployments, so I was somewhat familiar with the overall storage concepts. I stopped working with fibre channel maybe five years ago and had worked mainly with iSCSI connectivity or virtual SAN environments since then.

Automation

I have the DevNet Associate certification, so I’m at least passably familiar with automation. However, it’s not something I do day-to-day.

Security

In IT Security is part of everything we do. I’m well versed in the overall security concepts, but I rarely go in and deal with RBAC or similar settings. Usually that was something where the roles were configured when a platform was deployed, and I could go months without needing to make any changes aside from adding users to the correct groups.

About the Exam

The exam topics list can be found here: https://learningnetwork.cisco.com/s/dccor-exam-topics

First off, I want to say that this exam is massive. If you compare it to what the CCNP:RS exams were I think that can illustrate my point. In the old 300-101 ROUTE exam 40% of the exam was on routing. The remaining 60% was split between five categories. The 300-115 SWITCH exam had 65% of the exam focused on L2 technologies, with the remaining 35% split between two other categories.

In contrast, the 350-601 DCCOR has 25% of the overall exam on Networking. In that 25% it includes OSPF and BGP (covered in the previous ROUTE exam), and L2 topics like LACP, and STP. However, the DCCOR also includes PIM, vPC, overlay protocols (OTV and VXLAN), and ACI. Just the breadth of topics in the Network topic makes this exam feel bigger, and harder than the previous CCNP:RS.

The remaining 75% of the exam is comparatively simple. The Network portion is 25% of the exam, but contains 10 subtopics. The remain 3/4 of the exam is a total of 16 topics. By topic area, I would have expected the Network portion to be closer to 40% of the exam.

The Compute portion of the exam covers the UCS servers, HyperFlex, Intersight, and general management of a compute environment. From a topic standpoint nothing unexpected.

Moving to the Storage section of the exam it is, like the Compute section, pretty straight forward. I will admit that I was surprised the topics didn’t mention iSCSI at all. Aside from that the Storage is what you’d expect. It covers how fibre channel works, zoning, NPV/NPIV, VSAN, etc.

Automation is another topic that seems easy, but can get really broad quickly. Though the topic list doesn’t go into the details I think it’s fair to assume that when it lists things like REST API that means you will need an understanding of how an API would be used to manage any of the hardware covered in the exam.

Lastly, the Security is focused heavily on the AAA and RBAC configurations for the different technologies covered in the exam. Additionally, there are some more specific subtopics for each technology type.

One final note on the exam topics – Cisco has a line on that exam topics page that I think is important and often overlooked by test takers “The following topics are general guidelines for the content likely to be included on the exam.” Which means that things like iSCSI could actually appear on the exam. Even though the topic isn’t specifically called out, it is a storage networking protocol that has seen wide adoption, and that means it could appear on the exam.

Exam Prep

I started a blog post about the resources I used for the exam here: https://www.mytechgnome.com/2021/12/ccnp-datacenter-journey-dccor-350-601.html

I started with the Cisco Press Official Certification Guide, and I think it’s an awesome resource. Unfortunately, I struggled with reading it and I literally found this book was putting me to sleep. (That’s more a me problem than a book problem). I found it worked better for me to use it as a reference for specific topics instead of trying to read it cover-to-cover. One other thing I realized early on is the DCCOR exam replaced the CCIE written exam. I found myself questioning if the depth covered in the book was for the benefit of the DCCOR exam, or as a resource for the CCIE lab (spoiler alert – it is for the DCCOR).

When I was having difficulty getting through the book I switched to the INE material. Their video training is great, but incomplete. At least at the time I went through it the HyperFlex and Automation sections are listed as “Coming Soon”. It also seems like the Storage section was just duplicated from the previous CCIE:DC training. I thought it was very hands-on like what I’d expect when preparing for a CCIE lab, but it seemed to focus more on the configuration requirements than I would have expected would be needed for the DCCOR.

I switched over to the CBT Nuggets training to compliment what INE covered, and to fill the gaps in what INE hadn’t published. There were a number of things covered in the CBT Nuggets material that wasn’t covered in the INE material, so I was happy I went through it as well.

Labs

Books and video training are great, and they have their place, but the fun part of learning new stuff is to actually do it! To prepare for the exam I used a few different tools provided by Cisco.

For the Networking topics CML is nearly perfect. With CML you can create labs to cover most of the network topics. I created maybe ten different lab environments and built out a bunch of different configurations:

Switching: STP, vPC, LACP, HSRP, VRRP
Routing: OSPF, BGP (iBGP and eBGP), PIM
Overlay: OTV (CML can’t do OTV on the data plane so you can’t actually pass traffic), VXLAN

I also did combination labs. For example, create a BGP and OSPF “provider” network, and run VXLAN over it. Then in the “provider” environment I would enable or disable multicast and adjust the VXLAN deployment accordingly. I would also configure anycast gateways in each network. It’s also worth pointing out that you can enable the NX-API in CML, and run automation tools against it. That’s a great way to practice both the automation skills as well as the networking skills.

To get hands-on with ACI I primarily used the ACI simulator. With the simulator I was able to do a large deployment with three APICs, as well as two spine and two leaf switches. I was able to go through and build out EPGs, contracts, domains, etc. One thing that I found particularly cool with the ACI simulator was that I could SSH to spine and leaf switches. This allowed me to get hands-on with the CLI of the underlying hardware.

On the Compute side, I used the UCS emulator. This allows you to run UCS manager and create virtual UCS hardware and policies. Like the previous tools, the UCS emulator also allows CLI access to the virtual FIs.

The storage portion of the exam was the most difficult to actually get hands-on labs for. There are some labs available through the DevNet Sandbox and dCloud that have MDS switches, but the labs are limited in what they can do. The good news is that comparatively the commands for storage are far less than what you need to know for other topics.

With both Automation and Security all of the above resources can be used. DevNet also has a lot of good resources for automation. The security side is mainly just being familiar with how accounts and roles are created and the configuration of RADIUS/TACACS connections.

Exam Experience

I took the exam remotely, which generally has been a positive experience. There are a few of tips that I can provide for the online exam. First would be to go through the pre-check to make sure everything works as expected. I used a laptop with an external monitor, and I found that it defaulted to the laptop webcam (with the laptop lid closed this didn’t work), but there’s a dropdown to select the webcam so it was an easy fix. Make sure you have good audio. The proctors often do PC-based calls, and I found them difficult to hear using my monitor speakers. Switching to the laptop speakers solved that problem. Also I recommend installing the Pearson app when checking in. I had numerous issues using the web-based tool. It seemed like when trying to upload images they were blurry in the web app, and when I switched to the mobile app the issues were resolved.

Cisco has an NDA all test takers have to accept, so I’m going to be very vague in what I say about the actual exam. The first thing is I will reiterate that this exam is broad. For each topic area (ACI, Nexus, UCS, MDS, etc.) be familiar with all of the different tools used to manage them. That means GUI, CLI, and API. Make sure you are paying close attention to the exam topics, and you have a firm grasp on each and every topic item.

I did get some questions that seemed to be poorly worded, and a couple left me confused on what specifically was being asked. In some cases it was just be the way that I read the question, and taking a moment then rereading it and it made more sense. In others, it didn’t matter how many times I read it, it just didn’t make sense.

One other trend that I’ve found with exams is the tendency to find the most obscure question possible. As engineers we have access to context sensitive help. Preparing for the exam I watched CCIEs extensively use the “?” to find the syntax that was needed, or look for a config option in the wrong area. I find it frustrating when on an exam there are syntax questions that are needlessly specific. An example would be something like if something is measured in bits, kilobits, bytes, kilobytes, etc. Another example would be if a timer is configured in seconds or milliseconds. If these situations ever came up, I’d have access to tools without needing to memorize the plethora of commands and options. To make matters worse, often when these questions come up they are on commands that are rarely used. This exam is no different. Make sure you are committing the exact syntax of commands to memory.

On my first attempt I failed, and looking at the score report I’m guessing it was close. The passing score and received score aren’t provided anymore, but the percentage per topic is displayed. Not surprisingly, the areas I performed the worst in were Storage, Automation, and Security. Those areas were where I had much more general knowledge initially, and it showed. However, after having actually taken the exam I knew where I was weak, and the level of depth on the exam. I went back and reviewed the Network and Compute topics, and spent more time digging in to the areas I needed to improve. When I retook the exam I was able to pass the exam.

Final Thoughts

This exam is tough. I can confidently say it’s one of the most difficult exams I’ve ever taken. It’s a mile wide, and it can also get quite deep. There are plenty of challenging questions that really test your knowledge. With enough preparation and practice it is something that can be accomplished.

CCNP Datacenter Journey – DCCOR 350-601 and DCIT 300-615 – Resources

Posted on December 13, 2021February 9, 2023 by Dan Kelcher

I’m working towards attaining the CCNP: Data Center certification. I’ll be compiling a list of resources and tips that I used along the way.

Software

VMware Workstation Pro – https://store-us.vmware.com/workstation_buy_dual_new

Cisco Modeling Labs – https://learningnetworkstore.cisco.com/cisco-modeling-labs-personal/cisco-modeling-labs-personal-plus/CML-PERSONAL-PLUS.html

UCS Emulator – https://software.cisco.com/download/beta/1850014776

ACI Simulator – https://software.cisco.com/download/home/286283149/type/286283168/release/5.2(1g) (If you don’t have access to the software you can work with a Cisco SE to grant you access)

Use this command in Linux to merge the downloaded files into a single OVA to import into VMware Workstation

cat acisim-5.2-1g_part1.ova acisim-5.2-1g_part2.ova acisim-5.2-1g_part3.ova acisim-5.2-1g_part4.ova acisim-5.2-1g_part5.ova acisim-5.2-1g_part6.ova > acisim-5.2-1g.ova

Material

Cisco Press Official Cert Guide

INE CCNP:DC training course

CBT Nuggets CCNP:DC training course

I Passed the Cisco DevNet Associate exam and Joined DevNet Class of 2020!

Posted on December 22, 2020February 9, 2023 by Dan Kelcher

I’m excited to announce that I passed the DevNet Associate (200-901) exam, and with that I’ve joined the DevNet Class of 2020!

To start with, for those that don’t know, DevNet is the Cisco Developer Network, focused around developing solutions in the network space. It focuses heavily on programability and automation of numerous Cisco products. The DevNet Class of 2020 includes everyone that passes a DevNet exam during the inaugural year of the program. Originally, the program was slated to end December 31st of 2020, but it was extended to February 24th, 2021.

I found this exam to be simultaneously one of the most challenging and fun certifications I’ve attempted. With a near 20-year career in IT I’ve never really done much programming. I’ve made a few HTML sites over the years, and the odd batch or PowerShells script, but never anything more than that. In many ways this exam broke into a lot of new areas for me. For network engineers looking to get into automation I thought this was a great way to start, and for people new to IT this is a great way to get into the automation and programmability mindset early on.

How I prepared

First things first. Learning Python. Coming from the network background this took some work, but it really wasn’t too bad. I started with some YouTube videos and books. One site specifically that I used a lot was automatetheboringstuff.com, as well as the YouTube videos from the same author.

I found the repetition of the labs got boring after a while, so I started to look for beginner projects. One project that I worked with was a Python clone of the classic Pong game. However, instead of just duplicating the code I worked on adding additional functionality. Players could enter their names, and select their paddle colors, as well as set the game speed and score limit. I added some input validation to make sure the entries didn’t cause the game to crash. For me, it was important to actually work with the code and play with the options instead of simply copying what someone else said.

Once I felt I had a decent handle on Python I started reading the DEVASC 200-901 Official Cert Guide, which of course hit a lot of the same Python info I was working with already, but added depth. The book goes into a lot of other things like Git and API configs. Which, of course, meant getting Git set up and testing committing, branching, and merging code.

The Cisco DevNet site has access to sandboxes that can be used to test out API calls. Since I don’t have DNA Center, ACI, Meraki, Webex, FMC, etc. all running in my basement it was really good to have access to the sandbox. I worked through learning the API methods via curl, Postman, Python, and SDK. This meant a lot of repetition. The authorization methods between the Cisco platforms changes, and that means the way you interact with the API needs to change.

Looking back, I wish that I had merged the Git exercises more with the API work. I could have built out a repository of all the tests I was working with. So, as a recommendation, use Git early, and get in the habit of using it.

I also watched the Pluralsight videos by Nick Russo. Personally, I found those difficult to follow. Coming in to programming fresh, there was a lot that I felt was skimmed. This meant I spent a lot of time pausing videos to duplicate scripts. There’s a bunch of files attached to the courses, but I felt it was important to actually write the code.

In addition to Python, Git, and APIs, you also need to know the different data formats. The main ones would be YAML, JSON, and XML. Again, not coming from a programming background this was another stumbling block for me. The different sources I used all covered this, but it took some work to really understand it. It came down to just going over the formatting and syntax a few times until it really made sense.

If that wasn’t enough to learn, there’s also the automation frameworks. Things like NETCONF, RESTCONF, YANG, Ansible, Puppet, Chef, NSO, etc. More to learn. More terms. More syntax.

But wait, there’s more! Docker and VIRL/CML. Learning about the tools to build environments programmatically, and how to make them work. Yet more terms and syntax.

The exam also covers the software design methodologies. Things like Agile, Lean, Waterfall, etc. The DevOps ideas. Testing methods. Luckily, no syntax, but more terms.

The final topics were (for me) the easiest. Basic network security and network operations. Things like attack types and remediation mechanisms, subnetting, and other layer 2/3 functionality. Since this is stuff I’ve spend years working with these topics were a breeze. However, for someone new to network operations the process of learning the layer 2 and layer 3 configuration can be a bit more complicated. Luckily, this isn’t the CCNA. You don’t need to configure STP or OSPF. You just need to know what the terms mean. If you can articulate what a switch and router do, what the OSI model is, and you understand how subnets work then you should be OK.

Thoughts on the exam

As I’d mentioned at the beginning, I found this exam to be both fun and challenging. There were questions where I stared at the screen slack-jawed trying to understand what was being asked. Often, those questions were ones I was overthinking, and after a brief befuddlement I figured it out. This isn’t because the questions were poorly worded. In fact, it was the opposite. I thought the questions were well written, but since some of the concepts are still new to me it took a moment to really wrap my head around it.

I think the exam was fair, and it asked good questions. I didn’t feel like there were any trick questions, or things that were intentionally misleading. There were definitely some challenging questions, but they seemed fair and I felt like I should have known the answers. Without giving anything away, I’ll just say that since this is a technical exam knowing the terms, acronyms, and syntax for all of the topics is important.

Final notes

I want to reiterate that I thought this was a great exam, with really good content. Whether we network engineers want it or not, network programmability is going to be a thing. Think back to the people that wanted to maintain a PBX instead of moving to VoIP, or the adoption of virtualization. These shifts take time, but they are happening. As difficult as some of this was for me to learn, I’m glad I did. Comparing this to many of my other certifications, this one really feels like there’s a ton of value and I gained some useful skills preparing for it.

Starting the CCDE journey

Posted on December 12, 2019February 9, 2023 by Dan Kelcher

I’ve finally decided to start the trek toward the CCDE. With the upcoming changes to the CCNA/CCNP/CCIE programs it made the decision easier. I wasn’t going to finish a CCIE before February, so that route wasn’t an option.

Step 1: Figure out what to study

Cisco has provided a reading list here: https://learningnetwork.cisco.com/docs/DOC-1673

There’s also a learning matrix here: https://learningnetwork.cisco.com/community/certifications/ccde/written_exam/study-material

I went through both and compiled a book list. I already had physical copies of most of the books. I was able to find some use copies that were under $10. Other books were out of print, or difficult to justify spending the money when only a chapter or two were needed. I also found that some of the books were available through Safari’s online library.

My library

Step 2: Study

I am hoping to take the written exam in the summer, so I have a lot of reading to do. As I go through the different books I intend to detail some of the more challenging concepts here. Doing so helps me reinforce what I’ve learned, and it might help some future reader grasp a topic. I’m also planning to put more detail around what material I found helpful, and what I thought wasn’t a good use of time.

TOGAF 9.2 Certified

Posted on March 15, 2019February 9, 2023 by Dan Kelcher

I recently finished the TOGAF 9 Part 2 exam. Believe it or not, this exam is the follow-up to the TOGAF 9 Part 1 exam. Having completed the Part 1 exam and certification process already, completing this exam upgrades my certification from TOGAF 9 Foundation to TOGAF 9 Certified.

If you don’t know what TOGAF is, or are unfimilar with the Foundation certification see my post on the Part 1 exam.

About the Exam

There are a couple things to be aware of with Part 2. First off, it is an upgrade to Part 1. This means that all the concepts are the same. The big difference is that Part 1 focuses on knowing the TOGAF Standard, and its components. Part 2 focuses on how it is used. It’s also worth noting that the TOGAF 9 Certified certification replaces the TOGAF 9 Foundation certification.

The exam, on paper, looks deceivingly easy. It is all of eight questions long. No, these aren’t 8 questions with 14 sub-parts. Nor are they simulations or other types of questions. Just eight questions, with four answer choices each. To pass you need to score at least 60%. Also, each answer is weighted with the most correct answer being worth 5 points, the second best is 3 points, the next is only 1 point, and the worst answer will get you 0 points. If you do the math, you can pass by getting the best answer five times, and completely missing the rest. You could also get the second best answer for all eight questions and still pass. The test is also open book.

Sounds easy, right? Well, here’s where that takes a bit of a turn. The questions are scenario based, which means there’s a lot of reading during the exam. Also, because the answers are weighted it means it can be difficult to pick which of the four choices really is the best.

How I prepared

I took the Part 2 exam a week after I did the Part 1, so all of that studying was still fresh.

I picked up the Official TOGAF ® 9 Certified Study Guide

For this exam I decided to try one of the practice tests in the back of the book first, and use that to guide my studies. I found that with the knowledge I had after my Part 1 training, combined with some critical thinking and I was able to pass the practice test with flying colors.

I then went through the questions a second time and I ranked the answers from what I thought was best to worst. I had about 85% accuracy with that, so I felt confident enough in my understanding that I went ahead and scheduled the test.

The Exam

As usual, this is a proctored exam from a Pearson VUE test site. The exam experience was uneventful. I’ve taken plenty of tests at this site, so getting in and out was a breeze.

The one thing about the exam that I will say is that critical thinking is important. You need to be able to evaluate four different answers to a scenario, and at times it can be difficult to really decide which one is best.

TOGAF 9.2 Foundation Certification

Posted on March 1, 2019February 9, 2023 by Dan Kelcher

About the Exam

I recently passed the TOGAF 9.2 Part 1 exam. This is an Enterprise Architecture exam from The Open Group. The Open Group is an open group (who would have guessed?) that includes a number of big names. You can read more about them at their site: https://www.opengroup.org/

The TOGAF certification actually contains two parts, Foundation and Certified. You can earn the Foundation certification, and then upgrade to the full Certified status by completing an additional exam. You can also sit both exams back to back and go directly to the Certified status. More info on the certification can be found here: https://www.opengroup.org/certifications/togaf

For me, since I’m new to the TOGAF standard, I decided to do the Foundation exam first, and once I’ve finished that then move on to the Certified upgrade.

How I Prepared

For my study materials I bought the TOGAF® 9 Foundation Study Guide – 4th Edition

After reading through the book I think it’s a decent read. It can be repetitive at times, but since some of the concepts are new to me I actually think it’s helpful. There are practice tests included in the book, and they are almost identical to the separate practice tests sold by The Open Group. If you get the book then I wouldn’t bother getting the practice tests.

I also watched Pluralsight video series on TOGAF. The thing I liked about the video series was the use of a fictional enterprise that was going through an Enterprise Architecture process. In the Study Guide I had some trouble really understanding what some parts would look like in practice, so this material helped fill in some gaps.

There’s also the TOGAF library which contains a lot of useful information about the TOGAF standard. However, for this exam that material really isn’t needed.

Taking the Exam

The TOGAF exam was similar to most other Pearson VUE exams. The registration is done through The Open Group’s site, which redirects you to the Pearson VUE site for scheduling. I was able to take the test at the same site I’ve used for Cisco and VMware exams, so the test environment was quite familiar.

The test itself is pretty straightforward. It’s 40 questions, all multiple choice. The passing score is 55% with each question equally weighted. That means if you get at least 22 correct you’ll pass. Since it’s not an adaptive test you are able to go back and review questions prior to completing the exam.

I really didn’t find the exam to be too terribly difficult. There were a few questions that I had to guess on, but I was confident on about 70% of my answers. Since the passing score is 55% I didn’t worry too much about the ones I was unsure of, and I ended up passing.

What’s next

It can take up to 6 business days for the score report to become official. I am planning to start studying for the TOGAF Certified exam, and I hope to sit the exam in 2-3 weeks.

Update: I took the exam after, and wrote another post about it.

CISSP Certification

Posted on February 27, 2019February 9, 2023 by Dan Kelcher

I recently received a provisional passing score on the (ISC)² CISSP exam, and I thought I’d share what I learned.

About the exam

First off, the CISSP is a certification centered around IT security, and in touches on both management and engineering aspects of IT security. You can read more about what the CISSP entails here: https://www.isc2.org/Certifications/CISSP

One of the requirements of the CISSP certification is that you have at least five years experience in at least two of the eight domains.

Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security

You can also get a 1-year waiver if you have a 4-year degree, or an approved certification.

When I decided to go for the CISSP I already had 15 years experience, though most of it was on the network engineering side of things. Due to the breadth of material covered in the exam I easily spent more time preparing for this test than any other certification test I’ve taken.

How I prepared

As I mentioned, I’ve had 15 years experience, so I’m familiar with most network security concepts from an engineering standpoint. However, this exam goes into a lot more than just the technical side of cyber security. A lot of the legal frameworks were new to me, as well as the software development side.

I started off by reading the CISSP Exam Cram (4th Edition). That book is based on a previous CISSP exam, but the content is still relevant to the 2018 version of the test. I read this cover-to-cover, making a number of highlights along the way. I then went back through and went over those highlights again to really solidify what I read.

I also had the Sybex Official Study Guide and Practice Tests. This book is much bigger, and I thought it went into more detail than the Exam Cram. I mainly used to book as a reference for areas that I found I was weak in after taking the practice tests or concepts that I wasn’t confident in after finishing the Exam Cram.

To break up the monotony of reading I also watched the CISSP video series through Pluralsight. I found the videos informative, but after having done so much reading it was a bit difficult to stay focused when reviewing content I was already familiar with. I actually think the video series provides a great foundational level, and I would have been better off if I’d started with it before I did the reading.

Lastly, I also read the Eleventh Hour CISSP Study Guide. I got the Kindle version, and I read through it a couple times in the days before the test. This is a really condensed version of the material, but I thought it was a great refresher.

Personally, I’m a big fan of practice tests. I find that they often help highlight where my weaknesses are, so I can focus my studies more in those areas. For the CISSP exam I must have done over 800 practice questions. The exam covers a wide range of material, so I wanted to make sure I didn’t have any gaps.

The exam itself

Having taken exams for PearsonVue and Prometric in the past this exam really wasn’t much different. The testing center did palm scans, and they were a lot more controlled than other exams, but nothing to significant.

Not that this is unusual for certification exams, but the CISSP exam seems to take pleasure in using some tricky questions. Without getting into NDA space I’ll just use a very loose example-

Q: Which of these BEST describes what is needed for a sandwich

A: Peanut Butter

B: Mayo

C: Bread

D: Meat

Well, a sandwich could made with all of them (at the same time if your brave enough). The correct answer is C because a sandwich is (at least by definition) made with bread.

In the US the exam is adaptive, meaning there’s no Back button, so when you submit an answer you’d better be happy with what you selected. Read twice, click once. It also doesn’t tell you how many questions there are. It just stops abruptly somewhere between 100 and 150 questions. The screen doesn’t display a result either. You don’t find out if you passed or not until you get the score report. The score report should indicated if you passed or failed, and if you failed it should list the domains you were weak in. There’s also situations where a score isn’t immediately available.

After the exam

If you passed the exam you should get an email confirmation a couple days later with information on submitting an endorsement application. The process is pretty straightforward, but it can take upwards of eight weeks for everything to be approved before the certification is official.

Right now I’m still waiting for the official approval, so any addition details will come along when that’s complete.